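<?php
// Office locations admin page: saves a drag-and-drop ordering, creates or updates
// a location, deletes a location, and draws the edit form for a single location.
include '../include.php';

if ($posting) {
    if (isset($_POST['order'])) {
        // Reorder request: the position in the posted list becomes the precedence.
        // The ids come from the client and are placed unquoted in the SQL text, so
        // each one is forced to an integer before it is concatenated.
        $counter = 1;
        foreach ($_POST['order'] as $id) {
            db_query('UPDATE intranet_offices SET precedence = ' . $counter . ' WHERE id = ' . (int) $id);
            $counter++;
        }
        exit;
    } else {
        // Column list is handed to db_enter(); how it reads and escapes $_POST is
        // not visible in this file.
        db_enter('intranet_offices', 'name address precedence');
        url_query_drop('id');
    }
} elseif (url_id() && url_action('delete')) {
    // NOTE(review): the delete is driven by query-string parameters and no
    // permission or anti-CSRF check is visible here; confirm include.php enforces
    // both. url_id() is defined elsewhere, so the cast below does not rely on it.
    db_query('DELETE FROM intranet_offices WHERE id = ' . (int) $_GET['id']);
    url_query_drop('action,id');
}

drawTop();

if (url_id()) {
    // Load the row being edited; an unknown id drops the parameter from the URL.
    if (!($l = db_grab('SELECT id, name, address, precedence FROM intranet_offices WHERE id = ' . (int) $_GET['id']))) {
        url_query_drop('id');
    }
    $form = new intranet_form();
    $form->addRow('hidden', '', 'precedence', $l['precedence']);
    $form->addRow('itext', 'Name', 'name', $l['name'], '', true, 255);
    $form->addRow('textarea-plain', 'Address', 'address', $l['address'], '');
    $form->addRow('submit', 'Save Changes');
    $form->draw('Edit Location');
} else {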
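<?php
// Spotlight admin page: saves a drag-and-drop ordering, creates or updates a
// spotlight entry (with an optional JPEG upload), deletes an entry, then starts
// drawing the listing table.
include "../include.php";

if ($posting) {
    if (isset($_POST['order'])) {
        // Reorder request: ids are client-supplied and used unquoted in the SQL
        // text, so each one is forced to an integer before concatenation.
        $counter = 1;
        foreach ($_POST['order'] as $link_id) {
            db_query('UPDATE spotlight SET precedence = ' . $counter . ' WHERE id = ' . (int) $link_id);
            $counter++;
        }
        die(drawSpotlight());
    } else {
        $id = db_enter('spotlight', 'title url precedence');
        // Only the client-supplied file name extension is checked here. The stored
        // name is built from $id rather than from the upload's own name.
        // NOTE(review): presumably format_image() decodes and re-encodes the
        // upload, which is what would reject non-image content - confirm; also
        // confirm db_enter() returns a numeric id, since it becomes part of the path.
        if ($uploading && file_ext($_FILES["userfile"]['name']) == 'jpg') {
            define('DIRECTORY_ROOT', $_SERVER['DOCUMENT_ROOT']);
            define('DIRECTORY_WRITE', '/uploads');
            $image = format_image($_FILES["userfile"]["tmp_name"], 'jpg');
            $image = format_image_resize($image, 320, 320);
            file_put('/uploads/spotlight/' . $id . '.jpg', $image);
        }
        url_change();
    }
} elseif (!empty($_GET['id']) && url_action('delete')) {
    // NOTE(review): the delete is driven by query-string parameters and no
    // permission or anti-CSRF check is visible here; confirm include.php enforces both.
    db_query('DELETE FROM spotlight WHERE id = ' . (int) $_GET['id']);
    url_query_drop('action,id');
}

drawTop();
?> <table cellspacing="1" class="left draggable spotlight"> <thead> <?php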
<?php
// Bulletin board: stores a newly posted topic and, for topics flagged isAdmin,
// e-mails the topic to every active intranet user.
include '../include.php';

if ($posting) {
    error_debug("handling bb post");
    format_post_bits("isAdmin,temporary");
    $id = db_enter("bulletin_board_topics", "title |description isAdmin temporary");
    db_query("UPDATE bulletin_board_topics SET threadDate = GETDATE() WHERE id = " . $id);

    // The flag is compared against the quoted literal '1'; presumably that is the
    // form format_post_bits() leaves it in - confirm.
    if ($_POST["isAdmin"] == "'1'") {
        // Re-read the stored topic together with its author for the e-mail body.
        $r = db_grab("SELECT \n\t\t\t\tt.title,\n\t\t\t\tt.description,\n\t\t\t\tu.userID,\n\t\t\t\tISNULL(u.nickname, u.firstname) firstname,\n\t\t\t\tu.lastname,\n\t\t\t\tt.createdOn\n\t\t\t\tFROM bulletin_board_topics t\n\t\t\t\tJOIN intranet_users u ON t.createdBy = u.userID\n\t\t\t\tWHERE t.id = " . $id);

        // Assemble the HTML message in one expression, left to right.
        // NOTE(review): title and description are user-supplied; whether
        // drawThreadTop() escapes them for HTML is not visible here - confirm.
        $message = drawEmailHeader()
            . drawServerMessage("<b>Note</b>: This is an Administration/Human Resources topic from the <a href='http://" . $server . "/bulletin_board/'>Intranet Bulletin Board</a>. For more information, please contact the <a href='mailto:hrpayroll@seedco.org'>Human Resources Department</a>.")
            . '<table class="center">'
            . drawHeaderRow("Email", 2)
            . drawThreadTop($r["title"], $r["description"], $r["userID"], $r["firstname"] . " " . $r["lastname"], $r["createdOn"])
            . '</table>'
            . drawEmailFooter();

        $headers = "MIME-Version: 1.0\r\n"
            . "Content-type: text/html; charset=iso-8859-1\r\n"
            . "From: " . $_josh["email_default"] . "\r\n";

        // One message per active user, with the topic title as the subject.
        $users = db_query("SELECT email FROM intranet_users WHERE isactive = 1");
        while ($u = db_fetch($users)) {
            mail($u["email"], $r["title"], $message, $headers);
        }
    }

    syndicateBulletinBoard();
    url_change();
}
//send invitation $name = str_replace("'", "", $_POST["nickname"] == "NULL" ? $_POST["firstname"] : $_POST["nickname"]); email_invite($id, $email_address, $name); } //update permissions db_checkboxes("permissions", "administrators", "userID", "moduleID", $id); db_checkboxes("skills", "users_to_skills", "user_id", "skill_id", $id); //check long distance code if ($locale == "/_seedco/" && $_POST["officeID"] == "1") { if (!db_grab("SELECT longdistancecode FROM intranet_users WHERE userID = " . $id)) { $code = db_grab("SELECT code FROM ldcodes WHERE code NOT IN ( SELECT longdistancecode FROM intranet_users WHERE isActive = 1 AND longdistancecode IS NOT NULL)"); db_query("UPDATE intranet_users SET longDistanceCode = {$code} WHERE userID = " . $id); } } } else { $id = db_enter("intranet_users", "firstname nickname lastname email title #corporationID departmentID officeID phone bio homeAddress1 homeAddress2 homeCity homeStateID homeZIP homePhone homeCell homeEmail emerCont1Name emerCont1Relationship emerCont1Phone emerCont1Cell emerCont1Email emerCont2Name emerCont2Relationship emerCont2Phone emerCont2Cell emerCont2Email", "userID"); } //upload new staff image if ($uploading && file_ext($_FILES["userfile"]['name']) == 'jpg') { define('DIRECTORY_ROOT', $_SERVER['DOCUMENT_ROOT']); define('DIRECTORY_WRITE', '/uploads'); $image = format_image($_FILES["userfile"]["tmp_name"], 'jpg'); $image = format_image_resize($image, 320, 320); file_put('/uploads/staff/' . $id . '.jpg', $image); } url_change("view.php?id=" . 
$id); } drawTop(); if (isset($_GET["id"])) { $r = db_grab("SELECT \n\t\tu.firstname,\n\t\tu.nickname,\n\t\tu.lastname,\n\t\tu.title, \n\t\tu.email, \n\t\tu.bio, \n\t\tu.phone, \n\t\tu.rankID,\n\t\tu.lastlogin,\n\t\tu.officeID, \n\t\tu.corporationID,\n\t\tu.departmentID,\n\t\tu.homeAddress1,\n\t\tu.homeAddress2,\n\t\tu.homeCity,\n\t\tu.homeStateID,\n\t\tu.homeZIP,\n\t\tu.homePhone,\n\t\tu.homeCell,\n\t\tu.homeEmail,\n\t\tu.emerCont1Name,\n\t\tu.emerCont1Relationship,\n\t\tu.emerCont1Phone,\n\t\tu.emerCont1Cell,\n\t\tu.emerCont1Email,\n\t\tu.emerCont2Name,\n\t\tu.emerCont2Relationship,\n\t\tu.emerCont2Phone,\n\t\tu.emerCont2Cell,\n\t\tu.emerCont2Email,\n\t\tu.createdOn,\n\t\tu.updatedOn,\n\t\tu.startDate,\n\t\tu.endDate\n\t\tFROM intranet_users u\n\t\tWHERE u.userID = " . $_GET["id"]); if ($_GET["id"] == $user["id"] && $user["update_days"] > 90) {
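<?php
// Links admin page: saves a drag-and-drop ordering, creates or updates a link,
// deletes a link, then starts drawing the listing table.
include "../include.php";

if ($posting) {
    if (isset($_POST['order'])) {
        // Reorder request: ids are client-supplied and used unquoted in the SQL
        // text, so each one is forced to an integer before concatenation.
        $counter = 1;
        foreach ($_POST['order'] as $link_id) {
            db_query('UPDATE links SET precedence = ' . $counter . ' WHERE id = ' . (int) $link_id);
            $counter++;
        }
        // Reply with the redrawn links area so the AJAX caller can update the sidebar.
        die(drawLinks());
    } else {
        db_enter("links", "text url precedence");
        url_change();
    }
} elseif (!empty($_GET['id']) && url_action('delete')) {
    // NOTE(review): the delete is driven by query-string parameters and no
    // permission or anti-CSRF check is visible here; confirm include.php enforces both.
    db_query('DELETE FROM links WHERE id = ' . (int) $_GET['id']);
    url_query_drop('action,id');
}

drawTop();
?> <table cellspacing="1" class="left draggable links"> <thead> <?php echo drawHeaderRow(false, 4, "new", "#bottom"); ?> <tr> <th class="reorder"></th> <th>Link</th> <th>Address</th>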
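<?php
// Calendar: edit form for one event, selected by the "id" query parameter.
include "include.php";

if ($posting) {
    $id = db_enter("calendar_events", "title description *startDate typeID");
    // The id is echoed back into the redirect target; as an integer it cannot
    // carry extra URL or header text.
    url_change("./event.php?id=" . (int) $_GET["id"]);
}

// The query parameter is used unquoted in the SQL text, so it is forced to an
// integer before concatenation.
$e = db_grab("SELECT \n\t\te.title, \n\t\te.description, \n\t\te.startDate, \n\t\te.typeID,\n\t\tISNULL(u.nickname, u.firstname) first,\n\t\tu.lastname last,\n\t\te.createdBy,\n\t\te.createdOn,\n\t\tMONTH(e.startDate) month, \n\t\tYEAR(e.startDate) year\n\tFROM calendar_events e\n\tJOIN intranet_users u ON e.createdBy = u.userID\n\tWHERE e.id = " . (int) $_GET["id"]);

drawTop();
echo drawNavigationCal($e["month"], $e["year"], true);

$form = new intranet_form();
// Only administrators get the field that reassigns the poster.
// NOTE(review): this gates the form field only; whether the save path ignores a
// posted createdBy from non-admins is not visible here - confirm.
if ($isAdmin) {
    $form->addUser("createdBy", "Posted By", $user["id"], $e["createdBy"], true);
}
$form->addRow("itext", "Title", "title", $e["title"], "", true);
$form->addRow("select", "Type", "typeID", "SELECT id, description FROM calendar_events_types ORDER BY description", $e["typeID"], true);
$form->addRow("datetime", "Date", "startDate", $e["startDate"]);
$form->addRow("textarea", "Notes", "description", $e["description"], "", true);
$form->addRow("submit", "save changes");
$form->draw("Edit Event");

drawBottom();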
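<?php
// Bulletin board topic page: stores a posted follow-up, soft-deletes a topic or a
// follow-up on request, then loads the topic for display.
include "../include.php";

if ($posting) {
    $_POST["description"] = format_html($_POST["message"]);
    // NOTE(review): topicID is taken from the query string and handed to
    // db_enter(); how db_enter() escapes it is not visible here - confirm.
    $_POST["topicID"] = $_GET["id"];
    $editing = false;
    $id = db_enter("bulletin_board_followups", "topicID |description");
    // Result is discarded; kept as in the original.
    db_grab("SELECT topicID FROM bulletin_board_followups WHERE id = " . $id);
    // Query-string ids are used unquoted in SQL throughout this file, so each use
    // is forced to an integer before concatenation.
    db_query("UPDATE bulletin_board_topics SET threadDate = GETDATE() WHERE id = " . (int) $_GET["id"]);
    syndicateBulletinBoard();
    url_change();
}

// Soft delete: rows are marked inactive with a timestamp and the acting user.
// NOTE(review): both deletes run on a GET parameter, before the poster check
// further down, and no permission or anti-CSRF check is visible here; confirm
// include.php enforces them.
if (isset($_GET["delete"])) {
    db_query("UPDATE bulletin_board_topics SET \n\t\t\t\tisActive = 0,\n\t\t\t\tdeletedOn = GETDATE(),\n\t\t\t\tdeletedBy = {$user["id"]}\n\t\t\t WHERE id = " . (int) $_GET["id"]);
    syndicateBulletinBoard();
    url_change("/bb/");
} elseif (isset($_GET["deleteFollowupID"])) {
    db_query("UPDATE bulletin_board_followups SET \n\t\t\t\tisActive = 0,\n\t\t\t\tdeletedOn = GETDATE(),\n\t\t\t\tdeletedBy = {$user["id"]}\n\t\t\t WHERE ID = " . (int) $_GET["deleteFollowupID"]);
    url_query_drop("deleteFollowupID");
}

// Load the topic together with its author.
$r = db_grab("SELECT \n\t\tt.title,\n\t\tt.description,\n\t\tt.createdOn,\n\t\tt.isAdmin,\n\t\tu.userID,\n\t\tISNULL(u.nickname, u.firstname) firstname,\n\t\tu.lastname\n\t\tFROM bulletin_board_topics t\n\t\tJOIN intranet_users u ON t.createdBy = u.userID\n\t\tWHERE t.id = " . (int) $_GET["id"]);

// An unknown topic id sends the visitor back to the board index.
if (empty($r)) {
    url_change("/bb/");
}

drawTop();
echo drawSyndicateLink("bb");

// True when the signed-in user wrote the topic.
$isPoster = ($r["userID"] == $user["id"]);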
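<?php
// Staff skills: add a new skill or edit an existing one.
include 'include.php';

if ($posting) {
    $id = db_enter('skills', 'title group');
    if ($editing) {
        url_change('skill.php?id=' . url_id());
    } else {
        url_change('skills.php');
    }
}

echo drawTop();

if ($editing) {
    // The query parameter is used unquoted in the SQL text, so it is forced to an
    // integer before concatenation.
    $r = db_grab('SELECT title, `group` FROM skills WHERE id = ' . (int) $_GET['id']);
}

$form = new intranet_form();
// $r is not set when adding a skill; @ keeps the empty-form case quiet.
$form->addRow('itext', 'Title', 'title', @$r['title'], '', true, 50);
$form->addRow('itext', 'Group', 'group', @$r['group'], '', true, 50);
$form->addRow('submit', $editing ? 'Save Changes' : 'Add Skill');
echo $form->draw('<a href="./">Staff</a> > <a href="skills.php">Skills</a> > ' . ($editing ? 'Edit Skill' : 'Add Skill'));

echo drawBottom();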